order-certificate does not download challenges

Question

order-certificate does not download challenges

IgelCampus opened this issue 6 years ago · 3 comments

When following the wiki tutorial acme_client does not download the challenge files when renewing a certificiate. I am running the following commands:

ACMECLIENT="java -jar acme_client.jar -w . --log-dir . --log-level TRACE"
$ACMECLIENT -a ./cert/account.key -c ./cert/$DOMAIN.csr --command order-certificate --well-known-dir ./challenge --one-dir-for-well-known

After the command acme_client returns {"status":"ok"} but the specified challenge directory is empty. The trace logfile is attached, but I cannot see any error listed
acme.log
.

Answer 1 · 2018-12-11T13:56:47.000Z

You HTTP-1 challenge is verified and expires 2019-01-10 10:26:05. You can skip this step and go to the next one. Your authorization is also verified. For valid authorizations I've disabled a challenge downloading as there is no sense to validate them again. Notice, order-certificate command doesn't return challenges of valid authorizations. Authorizations may be valid already in some situations, even for new orders (depends on the CA provider).

Answer 2 · 2018-12-11T16:02:56.000Z

Thank you for the clarification. Would it make sense to add this to the docs for order-certificate and the wiki page for renewing a certificate?

Answer 3 · 2018-12-11T16:57:22.000Z

Yes, I think it makes sense. I will add this information a little bit later.